14
Status? ● Support exists in all modern operating systems ● Not turned on by default....Why? – Not sure, but it... ● May break some options such as large windows ● Assumes TCP parameters that are negotiated do not change

15
Cookies for the “bad guy” ● TCP SYN cookies – Used by good guy to securely keep track of valid half- open connections using constant-state at the server – Encode information in destination seqno ● Inverse TCP SYN cookies – Used by bad guy to securely keep track of valid half- open connections using constant-state at the client – Encode information in the source port/seqno – Allows for high-speed scanning